Implementation of Cache Attack on Real Information Centric Networking System
|
|
- Lauren Blair
- 5 years ago
- Views:
Transcription
1 UNF Digital Commons UNF Graduate Theses and Dissertations Student Scholarship 2018 Implementation of Cache Attack on Real Information Centric Networking System Faustina J. Anto Morais University of North Florida Suggested Citation Anto Morais, Faustina J., "Implementation of Cache Attack on Real Information Centric Networking System" (2018). UNF Graduate Theses and Dissertations This Master's Thesis is brought to you for free and open access by the Student Scholarship at UNF Digital Commons. It has been accepted for inclusion in UNF Graduate Theses and Dissertations by an authorized administrator of UNF Digital Commons. For more information, please contact Digital Projects All Rights Reserved
2 IMPLEMENTATION OF CACHE ATTACK ON REAL INFORMATION CENTRIC NETWORKING SYSTEM by Faustina J. Anto Morais A thesis submitted to the School of Computing in partial fulfillment of the requirements for the degree of Master of Science in Computer and Information Sciences UNIVERSITY OF NORTH FLORIDA SCHOOL OF COMPUTING August, 2018
3 Copyright ( c ) 2018 by Faustina J. Anto Morais All rights reserved. Reproduction in whole or in part in any form requires the prior written permission of Faustina J. Anto Morais or designated representative. ii
4 The thesis Implementation of Cache Attack on Real Information Centric Networking System submitted by Faustina J. Anto Morais in partial fulfillment of the requirements for the degree of Master of Science in Computing and Information Sciences has been Approved by the thesis committee: Date: Dr. Swapnoneel Roy Thesis Advisor and Committee Chairperson Dr. Sanjay P. Ahuja Dr. Sandeep Reddivari Accepted for the School of Computing: Dr. Sherif Elfayoumy Director of the School Accepted for the College of Computing, Engineering, and Construction: Dr. Mark Tumeo Dean of the College Accepted for the University: Dr. John Kantner Dean of the Graduate School iii
5 ACKNOWLEGEMENTS I would like to first thank my thesis advisor, Dr. Swapnoneel Roy, for his patient and helpful advice in the completion of my research work. This thesis would not have been possible without his direction and support. I would also like to thank my committee members, Dr. Sanjay P. Ahuja and Dr. Sandeep Reddivari, for their valuable suggestions. I also thank Professor Walt H. Schuller for guiding me in this process and being available to help me in the security laboratory where I did this work. This thesis provided me a great learning experience on security attacks and its impacts. It also taught me real patience in troubleshooting when something does not go as expected, a skill which is useful in the networking field outside of academics. Last but not the least, special thanks to my parents for supporting me throughout my studies at University of North Florida. Without their support, I wouldn t have been able to finish my Master s degree successfully. iv
6 CONTENTS List of Figures List of Tables Abstract vii viii ix Chapter 1 Introduction Problem Statement Research Objective Chapter 2 Background and Existing Research Information Centric Networking (ICN) Cache attack Related work Motivation for this Research Chapter 3 Implementation of Real ICN Tools Used for Network Implementation Content Delivery Squid Web Proxy Server Wget Function Rsyslog Implementation Methodology Overview of the Implemented ICNs Specification of the Implemented ICNs Idea of the Performed Cache Attack Chapter 4 Testbed Setup Terminologies Used v
7 4.2 Cache Setup Firewall Configuration Web Server Setup Topology Definition Hardware and Software Specifications Hardware Specifications Software Specifications Chapter 5 Results and Analysis Evaluation Scenarios P n ICN Results Partial Mesh ICN Results Comparison with other Simulation Results Comparison of Trends over Different Cache Replacement Policies.. 35 Chapter 6 Conclusions and Future Work Results Summary Implementation Challenges Future Research Directions References Appendix A Additional Results A.1 P n ICN A.2 Partial Mesh ICN Vita vi
8 FIGURES Figure 2.1 ICN Communication Model Figure 3.1 Squid Configuration Figure 3.2 Wget Configuration Figure 3.3 Wget Invoke Figure 3.4 Rsyslog Configuration Figure 3.5 Overview of the ICNs Figure 4.1 Squid Cache Setup with Web Server Figure 4.2 Static IP Address Definitions Figure 4.3 Entries to the Configuration file Figure 4.4 Firewall Configuration Figure 4.5 Web Server Setup Figure 4.6 Path (P n ) Topology Figure 4.7 Partial Mesh Topology with 11 Nodes Figure 4.8 Partial Mesh Topology with 4 Nodes Figure 5.1 P 4 ICN with LRU Figure 5.2 P 11 ICN with LRU Figure 5.3 Partial Mesh ICN with 4 Nodes with LRU Figure 5.4 Partial Mesh ICN with 11 Nodes with LRU Figure 5.5 Simulation on a P n ICN Figure 5.6 P 11 ICN Figure 5.7 Partial Mesh ICN with 11 Nodes vii
9 TABLES Table 4.1 Hardware Configuration Table 5.1 Parameters for both P n and Partial Mesh ICN Table 5.2 Parameters for P 4 with LRU Table 5.3 Parameters for P 11 with LRU Table 5.4 Parameters for Partial Mesh ICN for 4 Nodes with LRU 31 Table 5.5 Parameters for Partial Mesh ICN for 11 Nodes with LRU 32 viii
10 ABSTRACT Network security is an ongoing major problem in today s Internet world. Even though there have been simulation studies related to denial of service and cache attacks, studies of attacks on real networks are still lacking in the research. In this thesis, the effects of cache attacks in real information-centric networking systems were investigated. Cache attacks were implemented in real networks with different cache sizes and with Least Recently Used, Random and First In First Out algorithms to fill the caches in each node. The attacker hits the cache with unpopular content, making the user request that the results be fetched from web servers. The cache hit, time taken to get the result, and number of hops to serve the request were calculated with real network traffic. The results of the implementation are provided for different topologies and are compared with the simulation results. ix
11 CHAPTER 1 Introduction The rise of Internet of Things (IoT) and the Internet being the primary source for exchange of information over the network has exploded in recent years. Informationcentric networking is noteworthy in that it offers benefits such as improved efficiency, better scalability in bandwidth demand and better robustness. Improved efficiency is obtained with the temporary user data store in the cache and hence information centric network depends on caching for its implementation. Much of the research in the network security field concerns theoretical and simulation results. However, the results of network simulation often do not reveal problems that will affect the final result. Therefore, the primary focus of this research is to compare the result of a cache attack on a simulation with one on a real information centric network (ICN). Information centric networks (ICNs) have pulled in considerable interest of recent researchers in computing [14, 20, 31, 37]. The major topic of research has been focused on the use of data caching to improve the performance of the network. However, research on security concerns of data caching is still lacking. An example of a scenario that lacks security could be a mobile ad hoc network (MANET), a self-organized network system without any secured infrastructure. The effects of a Denial of Service (DoS) attack on simulated ICNs have been studied in [27]. The main goal of the attacker was to fill node caches with unpopular content, impeding caching in the ICN without increasing the likelihood of getting 1
12 detected. The attack originated from a malicious node that requested unpopular content at regular intervals. The decreased throughput and increased delay also led to higher energy consumption by the nodes of the ICN, thus reducing overall performance of the network. Using a network simulator, it was found [27] that such an attack was moderately successful against small scale networks. However, the potency of the attack rapidly decreased and became ineffective as the network size increased. In this research, Random, FIFO and LRU replacement policies were used to implement the cache attack considered different cache sizes and topologies. It is found that the attack was more effective against a First In First Out (FIFO) in comparison to a Least Recently Used (LRU) replacement policy. 1.1 Problem Statement ICNs rely on caching to increase the performance of the network, thereby reducing the number of hops needed to respond to a query. ICNs have evolved from host-centric to content-centric, and the main problem in data exchange is content caching. The authors in [27] tested a DoS attack against a simulator that simulated ICNs with various network topologies. The attack was found to be more effective for smaller networks. But testing the effects of a DoS attack on the caches of a real ICN is currently missing from the literature and is an open problem. In this work, such an attack is tested over small real ICNs. Specifically, the scalability and effectiveness of a DoS attack on real ICNs is compared to those obtained from the simulator in [27]. 2
13 1.2 Research Objective The research initially started as a study of caching-related issues in ICNs. Being a comparatively new research area, most of the research on ICNs has focused on efficient routing and cache management policies to enhance the performance of ICNs (e.g. [42, 44, 48, 49, 63]). There has been much less research done on attacks related to caching. Motivation for this work came from [18], where the authors focused on detecting cache pollution attacks in Named Data Networks (NDNs). The paper proposed a new method for launching a denial of service (DoS) to attack NDNs and also proposed ways to improve cache pollution attacks. The concepts and methods specified by [18] for NDNs were used in this work for ICNs. Our main goal for this work was to develop a method for performing a DoS attack on real small ICNs ranging from 5 to 20 nodes and on different topologies including path and mesh topology. 3
14 CHAPTER 2 Background and Existing Research In this chapter, the key concepts and definitions related to caching attacks in networking systems are discussed in order to understand the implementation of the proposed cache attack in real ICNs. 2.1 Information Centric Networking (ICN) An ICN focuses on content objects that can be accessed or cached anywhere in the network rather than solely from the end hosts. The use of ICNs has become more prominent in recent times since 2010 due to heavy Internet traffic flow. With the evolution of the Internet from being host-centric to being network-centric, ICN aims to provide in-network caching to deliver content efficiently. The main reason to shift from host-centric to content-centric or information-centric networking is that the Internet is currently focused on delivering high volumes of digital data (e.g. 3D, 4D, movies, pictures) to users. The users need only the content of the data and are not interested in the source location. Being a comparatively new research area, and most of the ICN research has focused on improving routing [7, 14], and not as much research on issues related to security and privacy [1, 20] of ICN. In [1], the researchers briefly discussed types and impacts of ICN attacks and how the attacker depends on the ICN attributes to perform 4
15 the attack. The impact of security requirements and the severity levels of attacks were also clearly stated with the solutions. As shown in the Fig. 2.1, ICN communication takes place hop-to-hop from the user to the server or to the nearest hop to fulfill the user request. Figure 2.1: ICN Communication Model The authors in [20] provided a brief assessment of DoS and distributed denial of service (DDoS) attacks and suggested a few possible countermeasures. The authors identified new types of DoS-based attacks, which can impact an ICN network interest flooding and content/cache poisoning and provided a brief discussion of their effects and countermeasures. The researchers in [20] also discussed the privacy risks of ICN caching and continued investigating to the extent by which the nearby user, in the role of an 5
16 adversary, has requested the content and they proposed a solution to reduce such attacks. In [43], the authors presented a framework for delivering content in ICNs securely and with high availability. In [58], the authors proposed a secure naming system that allows decoupling content authentication from its location in a network. The benefits of the proposed methodology in [58] are security of mapping functions between high-level names and cryptographic identifiers at the network level, authentication of the content with its provider regardless of the location from where it was retrieved, reduction of possible threats during the resolution procedure [20]. 2.2 Cache attack The cache memory is the temporary memory shared by multiple processes. The cache is accessible by the user and the attacker. This temporary memory is used to store the content invoked by the user for any requests to improve the efficiency for the future requests. Thereby if the user requests such content, it will be fetched directly from the cache itself or by the nearby hosts without reaching the web server to fetch the user data. A caching attack is defined as the filling of the cache with some random data. Although simulation results are available that compare the performance of a caching attack in the ICN [27], there are no experimental results that evaluate the performance of cache attack on real ICNs. That is the focus of this research. 6
17 2.3 Related work A considerable amount of research has proven the effectiveness of using data caching to increase performance, but research on the implementation of data caching in real networking systems and foiling attacks is still lagging behind Motivation for this Research In designing a secure network, research involving the software simulation of attacks is not enough, and there have been experiments to test and compare simulation results with that on real network systems. In [2, 3], firewalls and VPNs produced different results in real networks when compared to prototypes and virtual modeling software because the simulation results were not based on real network traffic. In [38], the authors have performed a comparison between analytical and simulation research on ad hoc wireless networks.they identify factors in wireless networks like hills, obstacles, link asymmetries, and unpredictable fading not encapsulated by a simulator. In [12], the researchers stress the need to test Internet protocols under varied conditions to determine whether they are robust and reliable". Specifically, they mention the following necessary simulation scenarios every network simulator should 7
18 capture: 1. Network topologies that define links and their characteristics. 2. Traffic models that specify sender and receiver locations and demands. 3. Network dynamics that include node and link failures The researchers of this paper developed a common network simulator platform to encompass various scenarios on which other researchers can test various networking protocols. However, they concluded that their simulator still lacked aspects of a real network. These aspects may include: 1. Developing mechanisms for the successful integration of code from the user community; and 2. Developing tools for large-scale simulations with a diverse traffic mix. These could only be captured by experimenting over real networks. The researchers of [8] also identify shortcomings of network simulators. They point out that wide-area testbeds and custom simulators though valuable, have significant shortcomings which can only be studied through real networks. These approaches often lack the wide mix of network traffic and topologies found in real networks. Also, the repetition of experiments under controlled conditions can be difficult to expose the real network traffic. The researchers in [5, 62] point out the importance of performing real experiments over simulations for neural networks. In particular, while using simulators, the experimental design chosen for the neural network training set can have a very high 8
19 impact on the predictive accuracy achieved by the simulator. Hence simulation results become limited in their accuracy. These differences in results were the motivation for this research work. It has been attempted to test and compare results produced by [27] over a simulator to that of real ICNs. This attempt is made to investigate whether the cache attack indeed produces the same effect over real ICNs in presence of factors that are not present in a simulator, e.g. network traffic, delay in packet transmission due to network bandwidth, web-based viruses, etc. 9
20 CHAPTER 3 Implementation of Real ICN In this research, cache attacks have been implemented over real information centric networking systems. To better understand the research, the technologies used in ICN network implementation are discussed in detail in this chapter. 3.1 Tools Used for Network Implementation Technologies (tools) described in this section have been used to implement ICNs in this research work; these technologies are also used to implement a broad array of other networks Content Delivery Content delivery is the service of copying the pages of a website to geographically dispersed servers and when the page is requested, dynamically identifying and serving page content from the closest server to the user, enabling faster delivery [29, 51, 54, 59, 60]. Content delivery works by placing cache servers at main access points around the world and using a routing code such as Hypertext Transfer Protocol (HTTP), which redirects the request for the web page to the closest server. 10
21 When a user clicks on the URL, which is content enabled, the content delivery network reroutes from the originating server to the cache server which is closest to the user. The cache then determines if the requested content exists in the cache server and then serves that content. If the content is new then it is retrieved from the web server and cached locally Squid Web Proxy Server Squid (software) is a web proxy server daemon supporting HTTP, HTTPS, FTP and many more [10, 23, 25, 39, 56]. It is responsible for caching and reusing frequently requested web pages and thereby helps in reducing the response time. It also helps in caching web, DNS and other computer network lookups for groups of people sharing network resources. In order to optimize network throughput, Squid routes content requests to servers in many different ways to build cache server hierarchy. Squid is used by Internet service providers to increase network speed to their customers and also to LANs that share their Internet connection. Because of its proxy nature, which filters network traffic, it provides security and anonymity. The configuration file to configure the Squid server is given in Fig $vi/etc./wgetrc; $cd /var/squid/squid.conf Figure 3.1: Squid Configuration 11
22 3.1.3 Wget Function GNU Wget (Wget) is a software package for retrieving content from web servers. It supports downloading files from HTTP, HTTPS and FTP protocols as well as retrieval through HTTP proxies [36, 45, 46, 47, 55]. It is a non-interactive command line tool that can easily invoke scripts and fetch data. Some of its advantages include robustness, recursive download, portability and support for proxy. The configuration file for Wget is given in Fig $vi /etc./wgetrc Figure 3.2: Wget Configuration Wget can be invoked by a simple command line whose basic syntax is given in Fig $wget [option] [URL] $wget Figure 3.3: Wget Invoke Rsyslog Rsyslog is open-source software used on UNIX-like operating system for transmitting log messages in an IP network. It is helpful for logging information and 12
23 accepting inputs from different sources and transforming and outputting the results to different destinations, thus supporting both local and remote logging [13, 19, 26, 40, 53]. Every logged message contains a timestamp, a hostname field and a program name field. Rsyslog supports precise timestamps and writing directly to databases. Rsyslog is also used for implementing DoS attacks: a programmer could flood the Rsyslog daemon with Syslog messages resulting in the log files consuming all the remaining space on the file system [17, 30]. Some of the features of Rsyslog include excellent security and modular design. The configuration file for Rsyslog is given in Fig $cd /etc/rsyslog.conf Figure 3.4: Rsyslog Configuration 3.2 Implementation Methodology In the real network, the ICN was initially set up with the cache and web servers. This setup allows the user to access or fetch data from the web server. The user request will be sent as query to the server, which then will be served by a nearby cache or the web server based on content availability. The basic steps in the methodology were: 1. Implement caching networks over nodes. 2. Implement querying for documents over the networks. 3. Assuming one or more nodes are compromised, implement the attack and evaluate the change in performance of the networks. 13
24 3.2.1 Overview of the Implemented ICNs In this sub section, we provide an overview of the implemented ICNs on which we have tested the effect of the cache attack. The two ICNs (with 4 and 8 nodes) implemented for this research worked exactly the same way as shown in the example of Fig The ICN in Fig. 3.5 contains 8 nodes. The last (rightmost node) is the web server that would contain all files the user would request. Figure 3.5: Overview of the ICNs In network terminology, such a web server that owns a particular file, is called the custodian of that file. In the ICN of Fig. 3.5, the 7 remaining nodes could be users querying for files. Each of these nodes will have its own cache that stores any file relayed via that node. One such node in the ICN (the leftmost node) is designated as the user for illustration. When the user generates a query for a file, the query 14
25 propagates through all the nodes in the route. The file is searched for in the cache of any intermediate node in the path. The query is answered if the file is found in the cache of any of these nodes. If not, the query is answered only after reaching the web server, which then relays back the file via the intermediate nodes to serve the request. These intermediate nodes will store the file in their respective caches. The idea of ICN as mentioned before is a distributed system of nodes that would decrease the response times for queries using caches. It is expected that the next query for the same file by any user will not have to propagate to the web server, but will be catered by one of the intermediate nodes (being found in its cache). This way, the average response time for the ICN is reduced, enhancing the overall performance of the network Specification of the Implemented ICNs Each node in the ICNs contains a hash table to direct a query to the next hop to serve the user s request. The network topologies considered in this research were line and mesh. Detailed description of these topologies are given in Chapter 4. In the real world (e.g. videos of Youtube), some documents (files in our case, and videos in case of Youtube) have much higher popularity over others. For example, some videos in Youtube have over a million views, while there are others with less than 10 views. It is well known that web content request popularity follows a Zipfian-like distributions [11, 24, 33, 34, 35, 61]. The file popularity level in this work was assumed to follow the same Zipfian distribution. The common values considered in the Zipfian distribution are usually chosen as α = 0.65 and α = Since the change in alpha value will have the same difference ratio, α = 0.65 has been used throughout this experiment. The caches of all the nodes will be empty in 15
26 the initial phase, and thus a warm-up test was carried out to fill the caches before experimental results were calculated. Parameters used to measure performance were: 1. Average number of increase in hops for queries. 2. Average delay for each request in the network. For each user s request, Dijkstra s algorithm [32] is used to find the shortest path to the custodian which could be either the cache of an intermediate node in case of a popular file, or the web server (if the file is not found in the cache of any intermediate node in the path). The cache sizes considered in this research are 10 MB and 40 MB, and the number of nodes considered are 4 and 11. For experimental purposes, the ICN with 4 nodes is considered as a small network and the ICN with 11 nodes is considered a mid-sized network. In this work, the effect of the cache attack on both these ICNs with the real network traffic and firewall in place is compared to the results stated in [27] for networks of same sizes over the simulator Idea of the Performed Cache Attack The goal of the attacker is to feed caches of all nodes in the ICN with extremely unpopular content (files in this case) and therefore render every user s request unavailable in the cache forcing it hop till the web server. Hence the time taken for each request (query) will be more, increasing the average response time for query for the ICN, and reducing its efficiency. The assumption is the attacker has control over one or more nodes in the ICN from which the attacker generates 16
27 queries for extremely unpopular contents periodically in order to fill in the caches of the intermediate nodes with these unpopular contents. The node(s) controlled by the attacker is (are) called compromised node(s). This cache attack is performed on the both the ICNs (with 4 and 11 nodes) with one compromised node. Then the same attack is repeated with two compromised nodes for both the ICNs, and also with four and eight compromised nodes for the ICN with 11 nodes. To recall, according to [27], in the large network, the impact of cache attack was less whereas in the smaller network, the impact was higher. 17
28 CHAPTER 4 Testbed Setup In this chapter, we illustrate the experimental setup in details. At the onset, we define some terms that we use throughout in this thesis. 4.1 Terminologies Used Nodes: Nodes are defined as any machine in the network (ICN). Requester Nodes: These are the nodes that would periodically request data (files) in the network (ICN). Requester nodes are also referred to as users or user nodes in this work. Attacker Nodes: These are the nodes that would periodically request extremely unpopular data (files) in the network (ICN). Attacker nodes are also referred to as compromised nodes in this work. The intent of the attacker as mentioned before is to fill out caches with unpopular content. Web Server: This node contains all files the requester nodes would request. This node is also referred to as a custodian node in this work. 18
29 4.2 Cache Setup The code that accomplishes any cache activity such as filling the data in the cache and fetching the content has been written using Python scripting language. The open source Squid web proxy has been installed in every node including the web server. The cache proxies contents were stored in the main memory and ensured that the system was not shut down during the experiment. The experiments were made without attacker and with 1 and 2 attacker(s) were implemented on both the ICNs with 4 and 11 nodes. Additionally, experiments with 4 and 8 attackers were performed with the ICN with 11 nodes (caches). The user sends a HTTP request as shown in the Fig. 4.1, which then seeks the content on the caches of the intermediate nodes in the path, and then onto the web server (if the content was not found in any of the caches of the intermediate nodes). Figure 4.1: Squid Cache Setup with Web Server 19
30 Each node was allocated a static (specific) IP address throughout the experiments. The caches were stored in the main memory of each node, and therefore by default, Dynamic Host Configuration Protocol (DHCP) is invoked to assign new IP addresses to the nodes each time the ICN is restarted [6, 21, 22, 41, 50]. To implement static IP address configurations, Dynamic Host Configuration Protocol (DHCP) was disabled and a static IP address was defined for each node as shown in Fig $vi /var/log/squid/ip.txt cache cache cache cache cache cache cache cache cache cache cache cache 11 / webserver Figure 4.2: Static IP Address Definitions The following entries were added at the end of the configuration file to disable DHCP, and the file was saved as shown in Fig
31 # disable ipv6 net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1 Figure 4.3: Entries to the Configuration file 4.3 Firewall Configuration The Linux IPtable configuration file was used to define the incoming and outgoing ports to accept or deny incoming content. This is the process which secured the network and monitored the traffic flow within the network. Also the use of the firewall differentiates the experimental results from simulation results (of [27]), since this experiments involve real network traffic. The configuration file for the firewall is shown in Fig $cd var/log/squid/iptables.config $cd var/log/squid/squid.config Figure 4.4: Firewall Configuration 4.4 Web Server Setup One of the nodes was considered to be the web server where all the files were stored. Squid proxy was set up in the web server as well. The files in the web server could be fetched from any other node per the user request using the wget function. As shown in Fig. 4.5, the first line defines the web server with an IP address of The next line is a query for the file file1 requested 21
32 from this web server. The attacker also used the same technique to fetch files and populate caches of other nodes with unpopular content (files). $ cache 11 / webserver $wget Figure 4.5: Web Server Setup 4.5 Topology Definition The two topologies considered were path and mesh topology. Path topology is defined as the path of order n that has n vertices denoted by P n [15]. Among these two topologies, the mesh topology exhibits the real world scenario. But in a full mesh topology, every node of the network is connected to every other node. In an ICN, however this is not feasible since this defeats the purpose of caching (since every node becomes a neighbor of the web server). Therefore to better represent an ICN, a partial mesh network has been implemented and used for the experiments. Both these networks were implemented to compare results of the simulation of [27] with those of real ICNs. As shown in the Fig. 4.6, the caches were built on each work station (node) along with the web server. In this topology, the user request and the attacker request will be generated at random. The network is full duplex. Fig. 4.8 and Fig. 4.7 show the representation of the partial mesh topologies with 4 and 11 nodes respectively used in this work. 22
33 Figure 4.6: Path (P n ) Topology Figure 4.7: Partial Mesh Topology with 11 Nodes In the partial mesh topology, each node has at least two neighbors [52]. An exception to that has been made in Fig. 4.8, where the web server is connected to only one node. Each user request will use the Dijkstra s algorithm [32] to find the shortest path to fetch the file either from the cache of another node (including its own cache), or from the web server in case the cache of any intermediate node does not contain the requested file. 23
34 Figure 4.8: Partial Mesh Topology with 4 Nodes 4.6 Hardware and Software Specifications Hardware Specifications For this research work, all the caches/nodes had the same configuration as described in Table Software Specifications Linux flavor Ubuntu14.0 AMI was mounted on the workstations. Java JDK version 1.7 was installed, along with Python 2.6. The firewall was configured using Linux 24
35 Operating System Gnome Ubuntu Processor Intel Core 2 Quad Q GHz x4 OS Type 64 bit Memory Size 3.7 GB Disk Size 28.2 GB Table 4.1: Hardware Configuration IPtable. Squid open source proxy was installed on every node (including the web server node). Squid configuration file was configured in each node to specify the node and the next hop, thereby implementing line and partial mesh topologies. 25
36 CHAPTER 5 Results and Analysis Once the ICN was set up with the line or partial mesh topology, the system was ready to implement the cache attack on the ICN. The smaller network consisted of 4 nodes and the larger network consisted of 11 nodes. In [27], the researchers found in a simulation environment that the attack was considerably more effective with FIFO replacement policy over LRU and random. In this research therefore LRU, Random, and FIFO policies have been used to compare the results with [27]. There were a fixed number of files with a fixed size for each experiment scenario. The popularity of each file was assigned based on a Zipfian distribution with a Zipfian α value of This α is the most common Zipfian value. Another common value of α, (0.85) has been used in [27] for very large networks of more than 100 nodes, which were not considered in this research (due to lack of resources). It is to be noted, since the value of α remains constant throughout the set of experiments, the same set experiments performed with a different value of α will only change numerical results, but not the overall conclusions obtained the experiments. The results of using a different value for α will thus be numerically but not qualitatively different, although a fixed value of α = 0.65 has been used in these experiments. 26
37 5.1 Evaluation Scenarios Once the popularities of the files were set with the given Zipfian distribution α value, the effectiveness of the attack and the average time taken for the ICN to respond to a request without and in presence of attacker(s) was measured. For this research cache sizes of 10 MB and 40 MB were chosen. The different values of parameters used for both path and partial mesh scenarios are given in Table P n ICN Results In the P n ICN scenario, the rate of requests from the normal and attacker nodes are the same. The aim of this scenario was to compare the results obtained out of this experiment with a similar scenario of [27]. This scenario also proves the attack to be possible on a real ICN and thus establishes its validity. Parameter Values Policy LRU, Random, FIFO #nodes 4, 11 Cache size 10MB, 40MB File size 1MB #files 400 % of unpopular files 120% #attackers 0, 1, 2, 4, 8 Table 5.1: Parameters for both P n and Partial Mesh ICN As stated in Table 5.1, each of the replacement policies LRU, FIFO, and Random 27
38 were tested in this scenario. The ICN with 4 nodes was tested with 0, 1, and 2 attackers, and that with 11 nodes was tested with 0, 1, 2, 4, and 8 attackers. Additionally, going by the results of [27], the number of unpopular files each attacker can request has been fixed at 120% of the cache size in MB. Therefore with a cache size of 10MB, the attacker requests at least 12 popular files, and with a cache size of 40MB, the attacker always requests at least 48 popular files. The total number of files used in the experiments is 400. In this section, we present the results for the following parameters as listed in Table 5.2 for illustration and discussion. Parameter Values Policy LRU #nodes 4 Cache size 10MB, 40MB File size 1MB #files 400 % of unpopular files 120% #attackers 0, 1, 2 Table 5.2: Parameters for P 4 with LRU In Fig. 5.1, the effect of cache attack in the P 4 ICN nodes is illustrated. 28
39 4 2 Attackers 1 Attacker 0 Attackers Response Time [S] Cache Size [MB] Figure 5.1: P 4 ICN with LRU All result sets were obtained after the initial warm-up that fills the cache with random data. As is exhibited in Fig. 5.1, it is found that the impact of the cache attack appears to increase with the increase in the number of attackers, since the response time for requests increases with the increase in the number of attackers. This result is consistent with [27] for the same parameters thus validating this attack on a real ICN. Another result of experiments with the P 11 is also illustrated. The parameters for that is specified in Table 5.3. In Fig. 5.2, the effect of cache attack in the P 11 ICN is illustrated. 29
40 Parameter Values Policy LRU #nodes 11 Cache size 10MB, 40MB File size 1MB #files 400 % of unpopular files 120% #attackers 0, 1, 2, 4, 8 Table 5.3: Parameters for P 11 with LRU Again as is exhibited in Fig. 5.2, it is found that the impact of the cache attack appears to increase with the increase in the number of attackers for the P 11 ICN. 6 5 Response Time [S] Attackers 4 Attackers 2 Attackers 1 Attacker 0 Attackers Cache Size [MB] Figure 5.2: P 11 ICN with LRU 30
41 Additional results of the P n ICN scenario has been put in Appendix A Partial Mesh ICN Results In this section, we present the results for the partial mesh ICN. The following parameters as listed in Table 5.4 for illustration and discussion. Parameter Values Policy LRU #nodes 4 Cache size 10MB, 40MB File size 1MB #files 400 % of unpopular files 120% #attackers 0, 1, 2 Table 5.4: Parameters for Partial Mesh ICN for 4 Nodes with LRU In Fig. 5.3, the effect of cache attack in the P 4 ICN is illustrated. All result sets were obtained after the initial warm-up that fills the cache with random data. As is exhibited in Fig. 5.3, it is found that the impact of the cache attack increases with the increase in the number of attackers, since the response time for requests increases with the increase in the number of attackers. This result is consistent with [27] for the same parameters thus validating this attack on a real 31
42 ICN. 5 Response Time [S] Cache Size [MB] 2 Attackers 1 Attacker 0 Attackers Figure 5.3: Partial Mesh ICN with 4 Nodes with LRU Another result of experiments with the partial mesh ICN with 11 nodes is also illustrated. The parameters for that is specified in Table 5.5. Parameter Values Policy LRU #nodes 11 Cache size 10MB, 40MB File size 1MB #files 400 % of unpopular files 120% #attackers 0, 1, 2, 4, 8 Table 5.5: Parameters for Partial Mesh ICN for 11 Nodes with LRU 32
43 In Fig. 5.4, the effect of cache attack in the partial mesh ICN with 11 nodes is illustrated. 6 5 Response Time [S] Attackers 4 Attackers 2 Attackers 1 Attacker 0 Attackers Cache Size [MB] Figure 5.4: Partial Mesh ICN with 11 Nodes with LRU Again as is exhibited in Fig. 5.2, it is found that the impact of the cache attack increases with the increase in the number of attackers for the P 11 ICN. Additional results of the partial mesh ICN scenario has been put in Appendix A.2. 33
44 5.4 Comparison with other Simulation Results Fig. 5.5 shows the trends of similar experiments conducted in a simulator over a P n ICN with comparable parameters. These trends are extremely similar to Fig Figure 5.5: Simulation on a P n ICN Comparing the trends of Fig 5.5 and Fig 5.1, the difference in the beginning is due to the fact that no cache was used in the starting point by [27] for the experimental scenario of Fig. 5.5, while caches of size 10 MB were used at the starting point in this work. This validates the fact that the simulation results could be replicated in the real world, and it confirms that this cache attack is a threat for ICNs. 34
45 5.5 Comparison of Trends over Different Cache Replacement Policies Next the effect of the cache attack has been compared for different cache policies on both kinds of ICN. In particular, Fig. 5.6 compares the effect of the cache attack on a path network topology of P 11 with cache replacement policies LRU, FIFO, and Random. For each replacement policy, the percentage increase in average response time for requests with 0 attackers and 8 attackers respectively with cache sizes 10 MB and 40 MB have been reported in the plots. As is observed from Fig. 5.6, the effect of the cache attack is the most for FIFO, and the least for LRU replacement policy for the P n ICN. % increase in Response Time LRU FIFO Random Figure 5.6: P 11 ICN Fig. 5.7 compares the effect of the cache attack on the partial mesh network of 11 nodes with cache replacement policies LRU, FIFO, and Random. Again, for each 35
46 replacement policy, the percentage increase in average response time for requests with 0 attackers and 8 attackers respectively with cache sizes 10 MB and 40 MB have been reported in the plots. As is observed from Fig. 5.7, the effect of the cache attack is again the most for FIFO, and the least for LRU replacement policy for the P n ICN. But one difference here is for a cache size of 40, the difference in effect between the policies is more pronounced in the partial mesh ICN than the P n ICN. This is probably due to the complicated topological structure of the mesh network over the line network. % increase in Response Time LRU FIFO Random Figure 5.7: Partial Mesh ICN with 11 Nodes. LRU has been found to be the best policy in various different network settings in different research works (e.g. [4, 9, 57]). Therefore the performance of LRU policy against the cache attack is not surprising. In [27], simulation also had shown 36
47 similar results proving LRU as the best replacement policy. The response time in the network is an important factor that includes the transmission delay (Delay or latency is the time taken for a unit of data to be transmitted across a network link) to the destination, the processing time at both source and destination, the delay along the path, and the transmission time back to the source. The difference in the average response time has been seen in the real ICN from this experiment which were similar to the simulator results. 37
48 CHAPTER 6 Conclusions and Future Work 6.1 Results Summary This research work focused on testing real time ICN systems to determine the results on the real network and to compare the same with the prior simulation results [27] on the effect of a cache attack on such systems (this work was mentioned as a future research direction in [27, 28]). During the experiments we discovered other factors affecting network performance which had previously gone unnoticed in simulations. The factors include network traffic, delay in packet transmission due to network bandwidth, web-based viruses, and an attack on a web server which has no backup server. These were the factors considered in this experiment which uses the laboratory networking system. The result trends were almost the same as those in the simulations even after considering the real network factors which proves that the cache attack had high impact in the smaller network and was less effective for larger ICNs. 6.2 Implementation Challenges To set up the laboratory network, an information centric network initially consisting of four caches was set up and preliminary results were obtained. The cache was 38
49 stored in the main memory under the assumption that the system power would never go off. Unfortunately, during a hurricane, the building lost its power and the research setup was disturbed. All the IP s also changed because by default IP addresses were dynamically assigned. The entire cache setup with the web server was rebuilt again, this time with the static IP addresses. Therefore, the recommendation to for future researchers is to use static IP addresses for the nodes during this experiment. 6.3 Future Research Directions This research can be further extended by evaluating the performance under cache attack of larger (30 or more nodes) ICNs in the public cloud such as Microsoft Azure or Amazon Web Services. Further, the results can be repeated with the addition of smarter attacking techniques, which considers the wait time (e.g. characteristic time [16]) for each attack to flood the cache with unpopular content. In this research, since wait time was not considered even if the attacker hit the cache with zero time interval, it did not affect performance but merely raised the number of attacks on the ICN. This study extended the results of cache attacks in simulated networks to real ICNs, and will be helpful for further advancing research in real networking systems. 39
50 REFERENCES [1] Abdallah, E. G., Hassanein, H. S., and Zulkernine, M. A survey of security attacks in information-centric networking. IEEE Communications Surveys & Tutorials 17, 3 (2015), [2] Akbaş, D., and Gümüşkaya, H. modeling and analysis of an enterprise network and its security structures. In Electrical, Electronics and Computer Engineering (ELECO), 2010 National Conference on (2010), IEEE, pp [3] Akbaş, D., and Gümüşkaya, H. Real and opnet modeling and analysis of an enterprise network and its security structures. Procedia Computer Science 3 (2011), [4] Al-Zoubi, H., Milenkovic, A., and Milenkovic, M. Performance evaluation of cache replacement policies for the spec cpu2000 benchmark suite. In Proceedings of the 42nd annual Southeast regional conference (2004), ACM, pp [5] Alam, F. M., McNaught, K. R., and Ringrose, T. J. A comparison of experimental designs in the development of a neural network simulation metamodel. Simulation Modelling Practice and Theory 12, 7 (2004), Simulation in Operational Research. [6] Aura, T., Roe, M., and Murdoch, S. Dynamic host configuration protocol, Aug US Patent 8,239,
51 [7] Badov, M., Seetharam, A., Kurose, J., Firoiu, V., and Nanda, S. Congestion-aware caching and search in information-centric networks. In Proceedings of the 1st ACM Conference on Information-Centric Networking (2014), ACM, pp [8] Bajaj, S., Breslau, L., Estrin, D., Fall, K., Floyd, S., Haldar, P., Handley, M., Helmy, A., Heidemann, J., Huang, P., et al. Improving simulation for network research. [9] Balamash, A., and Krunz, M. An overview of web caching replacement algorithms. IEEE Communications Surveys & Tutorials 6, 2 (2004). [10] Barish, G., and Obraczke, K. World wide web caching: Trends and techniques. IEEE Communications magazine 38, 5 (2000), [11] Breslau, L., Cao, P., Fan, L., Phillips, G., and Shenker, S. Web caching and zipf-like distributions: Evidence and implications. In INFOCOM 99. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings. IEEE (1999), vol. 1, IEEE, pp [12] Breslau, L., Estrin, D., Fall, K., Floyd, S., Heidemann, J., Helmy, A., Huang, P., McCanne, S., Varadhan, K., Xu, Y., et al. Advances in network simulation. Computer 33, 5 (2000), [13] Cao, P., Badger, E. C., Kalbarczyk, Z. T., Iyer, R. K., Withers, A., and Slagell, A. J. Towards an unified security testbed and security analytics framework. In Proceedings of the 2015 Symposium and Bootcamp on the Science of Security (2015), ACM, p
52 [14] Chai, W. K., He, D., Psaras, I., and Pavlou, G. Cache less for more in information-centric networks. In International Conference on Research in Networking (2012), Springer, pp [15] Chartrand, Gary and Zhang, Ping A first course in graph theory Courier Corporation, [16] Che, H., Wang, Z., and Tung, Y. Analysis and design of hierarchical web caching systems. In INFOCOM Twentieth Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings. IEEE (2001), vol. 3, IEEE, pp [17] Choi, S.-K., Yang, C.-H., and Kwak, J. System hardening and security monitoring for iot devices to mitigate iot security vulnerabilities and threats. KSII Transactions on Internet & Information Systems 12, 2 (2018). [18] Conti, M., Gasti, P., and Teoli, M. A lightweight mechanism for detection of cache pollution attacks in named data networking. Computer Networks 57, 16 (2013), [19] DeConinck, A., Bonnie, A., Kelly, K., Sanchez, S., Martin, C., Mason, M., Brandt, J., Gentile, A., Allan, B., Agelastos, A., et al. Design and implementation of a scalable monitoring system for trinity. Proc. Cray User s Group (2016). [20] Demetrio, L., Paolo, M., and Massimo, M. Numerical simulation of shot noise in disordered graphene nd international conference on noise and fluctuations (icnf). In ICNF2013 (2013), IEEE, pp [21] Droms, R. Dynamic host configuration protocol. Tech. rep.,
On the Scalability and Effectiveness of a Cache Pollution based DoS Attack in Information Centric Networks
On the Scalability and Effectiveness of a Cache Pollution based DoS Attack in Information Centric Networks Jeffery Gouge School of Computing University of North Florida Jacksonville, FL Anand Seetharam
More informationElimination Of Redundant Data using user Centric Data in Delay Tolerant Network
IJIRST International Journal for Innovative Research in Science & Technology Volume 1 Issue 9 February 2015 ISSN (online): 2349-6010 Elimination Of Redundant Data using user Centric Data in Delay Tolerant
More informationIntroduction and Statement of the Problem
Chapter 1 Introduction and Statement of the Problem 1.1 Introduction Unlike conventional cellular wireless mobile networks that rely on centralized infrastructure to support mobility. An Adhoc network
More informationEvent Driven Routing Protocols For Wireless Sensor Networks
Event Driven Routing Protocols For Wireless Sensor Networks Sherif Moussa 1, Ghada Abdel Halim 2, Salah Abdel-Mageid 2 1 Faculty of Engineering, Canadian University Dubai, Dubai, UAE. 2 Faculty of Engineering,
More informationEvaluation of Performance of Cooperative Web Caching with Web Polygraph
Evaluation of Performance of Cooperative Web Caching with Web Polygraph Ping Du Jaspal Subhlok Department of Computer Science University of Houston Houston, TX 77204 {pdu, jaspal}@uh.edu Abstract This
More informationDynamic Design of Cellular Wireless Networks via Self Organizing Mechanism
Dynamic Design of Cellular Wireless Networks via Self Organizing Mechanism V.Narasimha Raghavan, M.Venkatesh, Divya Sridharabalan, T.Sabhanayagam, Nithin Bharath Abstract In our paper, we are utilizing
More informationDesign and Implementation of A P2P Cooperative Proxy Cache System
Design and Implementation of A PP Cooperative Proxy Cache System James Z. Wang Vipul Bhulawala Department of Computer Science Clemson University, Box 40974 Clemson, SC 94-0974, USA +1-84--778 {jzwang,
More informationKeywords Mobile Ad hoc Networks, Multi-hop Routing, Infrastructure less, Multicast Routing, Routing.
Volume 4, Issue 7, July 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com A Study on Various
More informationProactive-Caching based Information Centric Networking Architecture for Reliable Green Communication in ITS
ITU Kaleidoscope 2015 Trust in the Information Society Proactive-Caching based Information Centric Networking Architecture for Reliable Green Communication in ITS Presenter: Prof. PhD. Takuro SATO Waseda
More informationDefending MANET against Blackhole Attackusing Modified AODV
IJSTE - International Journal of Science Technology & Engineering Volume 1 Issue 2 August 214 ISSN(online) : 2349-784X Defending MANET against Blackhole Attackusing Modified AODV Devang S. Patel P.G. Student
More informationA senior design project on network security
Michigan Technological University Digital Commons @ Michigan Tech School of Business and Economics Publications School of Business and Economics Fall 2007 A senior design project on network security Yu
More informationAn Cross Layer Collaborating Cache Scheme to Improve Performance of HTTP Clients in MANETs
An Cross Layer Collaborating Cache Scheme to Improve Performance of HTTP Clients in MANETs Jin Liu 1, Hongmin Ren 1, Jun Wang 2, Jin Wang 2 1 College of Information Engineering, Shanghai Maritime University,
More informationCSE Computer Security (Fall 2006)
CSE 543 - Computer Security (Fall 2006) Lecture 18 - Network Security November 7, 2006 URL: http://www.cse.psu.edu/~tjaeger/cse543-f06/ 1 Denial of Service Intentional prevention of access to valued resource
More informationA Framework for Optimizing IP over Ethernet Naming System
www.ijcsi.org 72 A Framework for Optimizing IP over Ethernet Naming System Waleed Kh. Alzubaidi 1, Dr. Longzheng Cai 2 and Shaymaa A. Alyawer 3 1 Information Technology Department University of Tun Abdul
More informationReducing the Size of Routing Tables for Large-scale Network Simulation
Reducing the Size of Routing Tables for Large-scale Network Simulation Akihito Hiromori, Hirozumi Yamaguchi, Keiichi Yasumoto, Teruo Higashino and Kenichi Taniguchi Graduate School of Engineering Science,
More informationA Firewall Architecture to Enhance Performance of Enterprise Network
A Firewall Architecture to Enhance Performance of Enterprise Network Hailu Tegenaw HiLCoE, Computer Science Programme, Ethiopia Commercial Bank of Ethiopia, Ethiopia hailutegenaw@yahoo.com Mesfin Kifle
More informationChapter 7 CONCLUSION
97 Chapter 7 CONCLUSION 7.1. Introduction A Mobile Ad-hoc Network (MANET) could be considered as network of mobile nodes which communicate with each other without any fixed infrastructure. The nodes in
More informationPerformance Analysis of Mobile Ad Hoc Network in the Presence of Wormhole Attack
Performance Analysis of Mobile Ad Hoc Network in the Presence of Wormhole Attack F. Anne Jenefer & D. Vydeki E-mail : annejenefer@gmail.com, vydeki.d@srmeaswari.ac.in Abstract Mobile Ad-Hoc Network (MANET)
More informationMigrationWiz Security Overview
MigrationWiz Security Overview Table of Contents Introduction... 2 Overview... 2 Shared Security Approach... 2 Customer Best Practices... 2 Application Security... 4 Data Security and Handling... 4 Database
More informationTO DETECT AND RECOVER THE AUTHORIZED CLI- ENT BY USING ADAPTIVE ALGORITHM
TO DETECT AND RECOVER THE AUTHORIZED CLI- ENT BY USING ADAPTIVE ALGORITHM Anburaj. S 1, Kavitha. M 2 1,2 Department of Information Technology, SRM University, Kancheepuram, India. anburaj88@gmail.com,
More informationIncorporation of TCP Proxy Service for improving TCP throughput
Vol. 3, 98 Incorporation of Proxy Service for improving throughput G.P. Bhole and S.A. Patekar Abstract-- slow start algorithm works well for short distance between sending and receiving host. However
More informationCompTIA Exam CAS-002 CompTIA Advanced Security Practitioner (CASP) Version: 6.0 [ Total Questions: 532 ]
s@lm@n CompTIA Exam CAS-002 CompTIA Advanced Security Practitioner (CASP) Version: 6.0 [ Total Questions: 532 ] Topic break down Topic No. of Questions Topic 1: Volume A 117 Topic 2: Volume B 122 Topic
More informationSpoofing Detection in Wireless Networks
RESEARCH ARTICLE OPEN ACCESS Spoofing Detection in Wireless Networks S.Manikandan 1,C.Murugesh 2 1 PG Scholar, Department of CSE, National College of Engineering, India.mkmanikndn86@gmail.com 2 Associate
More informationSimulation & Performance Analysis of Mobile Ad-Hoc Network Routing Protocol
Simulation & Performance Analysis of Mobile Ad-Hoc Network Routing Protocol V.S.Chaudhari 1, Prof.P.N.Matte 2, Prof. V.P.Bhope 3 Department of E&TC, Raisoni College of Engineering, Ahmednagar Abstract:-
More informationProxy Server Systems Improvement Using Frequent Itemset Pattern-Based Techniques
Proceedings of the 2nd International Conference on Intelligent Systems and Image Processing 2014 Proxy Systems Improvement Using Frequent Itemset Pattern-Based Techniques Saranyoo Butkote *, Jiratta Phuboon-op,
More informationA Comparative study of On-Demand Data Delivery with Tables Driven and On-Demand Protocols for Mobile Ad-Hoc Network
A Comparative study of On-Demand Data Delivery with Tables Driven and On-Demand Protocols for Mobile Ad-Hoc Network Humayun Bakht Research Fellow, London School of Commerce, United Kingdom humayunbakht@yahoo.co.uk
More informationPerformance Testing: A Comparative Study and Analysis of Web Service Testing Tools
Performance Testing: A Comparative Study and Analysis of Web Service Testing Tools Dr.V.Asha 1, Divyabindu M C 2, Asha V 3 1,2,3 Department of Master of Computer Applications, New Horizon College of Engineering,
More informationEnsuring Trustworthiness and Security during Data Transmission in Multihop Wireless Networks
Ensuring Trustworthiness and Security during Data Transmission in Multihop Wireless Networks 1 S.Nandhini, 2 Mr.S.Franson Varun Richo, 1 PG Student, 2 Assistant professor, Francis Xavier Engineering college,
More informationPerformance Analysis of DSR Routing Protocol With and Without the Presence of Various Attacks in MANET
Performance Analysis of DSR Routing Protocol With and Without the Presence of Various Attacks in MANET Aaditya Jain M.Tech Scholar, Department of Computer Science & Engg., R. N. Modi Engineering College,
More informationDetection and Removal of Black Hole Attack in Mobile Ad hoc Network
Detection and Removal of Black Hole Attack in Mobile Ad hoc Network Harmandeep Kaur, Mr. Amarvir Singh Abstract A mobile ad hoc network consists of large number of inexpensive nodes which are geographically
More informationPerformance Evaluation of Various Routing Protocols in MANET
208 Performance Evaluation of Various Routing Protocols in MANET Jaya Jacob 1,V.Seethalakshmi 2 1 II MECS,Sri Shakthi Institute of Science and Technology, Coimbatore, India 2 Associate Professor-ECE, Sri
More informationSubject: Adhoc Networks
ISSUES IN AD HOC WIRELESS NETWORKS The major issues that affect the design, deployment, & performance of an ad hoc wireless network system are: Medium Access Scheme. Transport Layer Protocol. Routing.
More informationPerformance Of OLSR Routing Protocol Under Different Route Refresh Intervals In Ad Hoc Networks
Performance Of OLSR Routing Protocol Under Different Route Refresh Intervals In Ad Hoc Networks P.Suganthi Research Scholar Mother Teresa Women s University Kodaikanal, TamilNadu, India Dr.A.Tamilarasi
More informationNetAlly. Application Advisor. Distributed Sites and Applications. Monitor and troubleshoot end user application experience.
NetAlly Application Advisor Monitor End User Experience for Local and Remote Users, Distributed Sites and Applications Part of the OptiView Management Suite (OMS) OMS provides the breadth of visibility
More informationDetection and Localization of Multiple Spoofing using GADE and IDOL in WSN. U.Kavitha 1.
Detection and Localization of Multiple Spoofing using GADE and IDOL in WSN U.Kavitha 1 1 PG Student, Department of ECE, CK College of Engineering & Technology, Cuddalore, Tamil Nadu, India Abstract Wireless
More informationScaled VIP Algorithms for Joint Dynamic Forwarding and Caching in Named Data Networks
1896 1920 1987 2006 Scaled VIP Algorithms for Joint Dynamic Forwarding and Caching in Named Data Networks Ying Cui Shanghai Jiao Tong University, Shanghai, China Joint work with Fan Lai, Feng Qiu, Wenjie
More informationSystem Models. 2.1 Introduction 2.2 Architectural Models 2.3 Fundamental Models. Nicola Dragoni Embedded Systems Engineering DTU Informatics
System Models Nicola Dragoni Embedded Systems Engineering DTU Informatics 2.1 Introduction 2.2 Architectural Models 2.3 Fundamental Models Architectural vs Fundamental Models Systems that are intended
More informationSpecialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com
Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE s3security.com Security Professional Services S3 offers security services through its Security Professional Services (SPS) group, the security-consulting
More informationA Novel Review on Routing Protocols in MANETs
Robinpreet Kaur & Mritunjay Kumar Rai Department of Electronics and Engineering, Lovely Professional University, Phagwara, Punjab, India E-mail : robin_turna@yahoo.com, raimritunjay@gmail.com Abstract
More informationEXPERIMENTAL EVALUATION TO MITIGATE BYZANTINE ATTACK IN WIRELESS MESH NETWORKS
EXPERIMENTAL EVALUATION TO MITIGATE BYZANTINE ATTACK IN WIRELESS MESH NETWORKS 1 Sunil Kumar, 2 Er.Vinod Kumar Sharma Abstract-The wireless mesh networks consist of number of number that is connected to
More informationSUMMERY, CONCLUSIONS AND FUTURE WORK
Chapter - 6 SUMMERY, CONCLUSIONS AND FUTURE WORK The entire Research Work on On-Demand Routing in Multi-Hop Wireless Mobile Ad hoc Networks has been presented in simplified and easy-to-read form in six
More informationMultimedia Streaming. Mike Zink
Multimedia Streaming Mike Zink Technical Challenges Servers (and proxy caches) storage continuous media streams, e.g.: 4000 movies * 90 minutes * 10 Mbps (DVD) = 27.0 TB 15 Mbps = 40.5 TB 36 Mbps (BluRay)=
More informationEfficient Hybrid Multicast Routing Protocol for Ad-Hoc Wireless Networks
Efficient Hybrid Multicast Routing Protocol for Ad-Hoc Wireless Networks Jayanta Biswas and Mukti Barai and S. K. Nandy CAD Lab, Indian Institute of Science Bangalore, 56, India {jayanta@cadl, mbarai@cadl,
More informationChallenges in Mobile Ad Hoc Network
American Journal of Engineering Research (AJER) e-issn: 2320-0847 p-issn : 2320-0936 Volume-5, Issue-5, pp-210-216 www.ajer.org Research Paper Challenges in Mobile Ad Hoc Network Reshma S. Patil 1, Dr.
More informationAn Enhanced Algorithm to Find Dominating Set Nodes in Ad Hoc Wireless Networks
Georgia State University ScholarWorks @ Georgia State University Computer Science Theses Department of Computer Science 12-4-2006 An Enhanced Algorithm to Find Dominating Set Nodes in Ad Hoc Wireless Networks
More informationTree Rule Firewall. A Thesis Submitted for the Degree of. Doctor of Philosophy. Thawatchai Chomsiri. Faculty of Engineering and Information Technology
Tree Rule Firewall A Thesis Submitted for the Degree of Doctor of Philosophy By Thawatchai Chomsiri in Faculty of Engineering and Information Technology UNIVERSITY OF TECHNOLOGY, SYDNEY 17 th November
More informationThe DNS of Things. A. 2001:19b8:10 1:2::f5f5:1d Q. WHERE IS Peter Silva Sr. Technical Marketing
The DNS of Things Peter Silva Sr. Technical Marketing Manager @psilvas Q. WHERE IS WWW.F5.COM? A. 2001:19b8:10 1:2::f5f5:1d Advanced threats Software defined everything SDDC/Cloud Internet of Things Mobility
More informationZone-based Proactive Source Routing Protocol for Ad-hoc Networks
2014 IJSRSET Volume i Issue i Print ISSN : 2395-1990 Online ISSN : 2394-4099 Themed Section: Science Zone-based Proactive Source Routing Protocol for Ad-hoc Networks Dr.Sangheethaa.S 1, Dr. Arun Korath
More informationQuality of Service Mechanism for MANET using Linux Semra Gulder, Mathieu Déziel
Quality of Service Mechanism for MANET using Linux Semra Gulder, Mathieu Déziel Semra.gulder@crc.ca, mathieu.deziel@crc.ca Abstract: This paper describes a QoS mechanism suitable for Mobile Ad Hoc Networks
More informationA COMPARISON OF REACTIVE ROUTING PROTOCOLS DSR, AODV AND TORA IN MANET
ISSN: 2278 1323 All Rights Reserved 2016 IJARCET 296 A COMPARISON OF REACTIVE ROUTING PROTOCOLS DSR, AODV AND TORA IN MANET Dr. R. Shanmugavadivu 1, B. Chitra 2 1 Assistant Professor, Department of Computer
More informationEvaluation of Routing Protocols for Mobile Ad hoc Networks
International Journal of Soft Computing and Engineering (IJSCE) Evaluation of Routing Protocols for Mobile Ad hoc Networks Abstract Mobile Ad hoc network is a self-configuring infrastructure less network
More informationCSE Computer Security
CSE 543 - Computer Security Lecture 22 - Denial of Service November 15, 2007 URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/ 1 Denial of Service Intentional prevention of access to valued resource CPU,
More informationPeerApp Case Study. November University of California, Santa Barbara, Boosts Internet Video Quality and Reduces Bandwidth Costs
PeerApp Case Study University of California, Santa Barbara, Boosts Internet Video Quality and Reduces Bandwidth Costs November 2010 Copyright 2010-2011 PeerApp Ltd. All rights reserved 1 Executive Summary
More informationA proposal of a countermeasure method against DNS amplification attacks using distributed filtering by traffic route changing
A proposal of a countermeasure method against DNS amplification attacks using distributed filtering by traffic route changing Yuki Katsurai *, Yoshitaka Nakamura **, and Osamu Takahashi ** * Graduate School
More informationA Comparative and Performance Study of On Demand Multicast Routing Protocols for Ad Hoc Networks
A Comparative and Performance Study of On Demand Multicast Routing Protocols for Ad Hoc Networks P.Madhan Mohan #, J.James Johnson #, K.Murugan $ and V.Ramachandran % # Under Graduate Student $ Senior
More informationDetection of Vampire Attack in Wireless Adhoc
Detection of Vampire Attack in Wireless Adhoc Network Ankita Shrivastava 1 ; Rakesh Verma 2 Master of Engineering Research Scholar, Medi-caps Institute of Technology and Management 1 ; Asst. Professor,
More informationPRIVACY AND TRUST-AWARE FRAMEWORK FOR SECURE ROUTING IN WIRELESS MESH NETWORKS
PRIVACY AND TRUST-AWARE FRAMEWORK FOR SECURE ROUTING IN WIRELESS MESH NETWORKS 1 PRASHANTH JAYAKUMAR, 2 P.S.KHANAGOUDAR, 3 VINAY KAVERI 1,3 Department of CSE, GIT, Belgaum, 2 Assistant Professor, Dept.
More informationPerformance Analysis of AODV using HTTP traffic under Black Hole Attack in MANET
Performance Analysis of AODV using HTTP traffic under Black Hole Attack in MANET Ekta Barkhodia 1, Parulpreet Singh 2, Gurleen Kaur Walia 3 Lovely Professional University, Phagwara, India ektab0@gmail.com,
More informationQoS multi meshed tree routing in tethered MANET
Rochester Institute of Technology RIT Scholar Works Theses Thesis/Dissertation Collections 2005 QoS multi meshed tree routing in tethered MANET Vishal Gogula Follow this and additional works at: http://scholarworks.rit.edu/theses
More informationEnergy Aware and Anonymous Location Based Efficient Routing Protocol
Energy Aware and Anonymous Location Based Efficient Routing Protocol N.Nivethitha 1, G.Balaji 2 1 PG student, 2 Asst.Professor Department of Electronics and Communication Engineering Angel College of Engineering
More informationSecurity improvement in IOT based on Software
International Journal of Scientific & Engineering Research, Volume 8, Issue 4, April-2017 122 Security improvement in IOT based on Software Raghavendra Reddy, Manoj Kumar, Dr K K Sharma Abstract With the
More informationScalable Data Analytics Pipeline for Real-Time Attack Detection; Design, Validation, and Deployment in a Honeypot Environment
Scalable Data Analytics Pipeline for Real-Time Attack Detection; Design, Validation, and Deployment in a Honeypot Environment Eric Badger Master s Student Computer Engineering 1 Overview Introduction/Motivation
More informationBehaviour of Routing Protocols of Mobile Adhoc Netwok with Increasing Number of Groups using Group Mobility Model
Behaviour of Routing Protocols of Mobile Adhoc Netwok with Increasing Number of Groups using Group Mobility Model Deepak Agrawal, Brajesh Patel Department of CSE Shri Ram Institute of Technology Jabalpur,
More informationSummary Cache based Co-operative Proxies
Summary Cache based Co-operative Proxies Project No: 1 Group No: 21 Vijay Gabale (07305004) Sagar Bijwe (07305023) 12 th November, 2007 1 Abstract Summary Cache based proxies cooperate behind a bottleneck
More informationThe Performance of MANET Routing Protocols for Scalable Video Communication
Communications and Network, 23, 5, 9-25 http://dx.doi.org/.4236/cn.23.522 Published Online May 23 (http://www.scirp.org/journal/cn) The Performance of MANET Routing Protocols for Scalable Video Communication
More informationDelay Performance of Multi-hop Wireless Sensor Networks With Mobile Sinks
Delay Performance of Multi-hop Wireless Sensor Networks With Mobile Sinks Aswathy M.V & Sreekantha Kumar V.P CSE Dept, Anna University, KCG College of Technology, Karappakkam,Chennai E-mail : aswathy.mv1@gmail.com,
More informationDetecting Insider Attacks on Databases using Blockchains
Detecting Insider Attacks on Databases using Blockchains Shubham Sharma, Rahul Gupta, Shubham Sahai Srivastava and Sandeep K. Shukla Department of Computer Science and Engineering Indian Institute of Technology,
More informationOn the Relationship of Server Disk Workloads and Client File Requests
On the Relationship of Server Workloads and Client File Requests John R. Heath Department of Computer Science University of Southern Maine Portland, Maine 43 Stephen A.R. Houser University Computing Technologies
More informationCongestion Control in Mobile Ad-Hoc Networks
Congestion Control in Mobile Ad-Hoc Networks 1 Sandeep Rana, 2 Varun Pundir, 3 Ram Sewak Singh, 4 Deepak Yadav 1, 2, 3, 4 Shanti Institute of Technology, Meerut Email: sandeepmietcs@gmail.com Email: varunpundir@hotmail.com
More informationMultipath Routing Protocol for Congestion Control in Mobile Ad-hoc Network
1 Multipath Routing Protocol for Congestion Control in Mobile Ad-hoc Network Nilima Walde, Assistant Professor, Department of Information Technology, Army Institute of Technology, Pune, India Dhananjay
More informationCCNA Exploration Network Fundamentals
CCNA Exploration 4.0 1. Network Fundamentals The goal of this course is to introduce you to fundamental networking concepts and technologies. These online course materials will assist you in developing
More informationCaching Algorithm for Content-Oriented Networks Using Prediction of Popularity of Content
Caching Algorithm for Content-Oriented Networks Using Prediction of Popularity of Content Hiroki Nakayama, Shingo Ata, Ikuo Oka BOSCO Technologies Inc. Osaka City University Background Cache has an important
More informationDetection and Localization of Multiple Spoofing Attackers in Wireless Networks Using Data Mining Techniques
Detection and Localization of Multiple Spoofing Attackers in Wireless Networks Using Data Mining Techniques Nandini P 1 Nagaraj M.Lutimath 2 1 PG Scholar, Dept. of CSE Sri Venkateshwara College, VTU, Belgaum,
More informationEducation Network Security
Education Network Security RECOMMENDATIONS CHECKLIST Learn INSTITUTE Education Network Security Recommendations Checklist This checklist is designed to assist in a quick review of your K-12 district or
More informationRouting Scheme in Energy efficient based Protocols for Wireless Sensor Networks
Routing Scheme in Energy efficient based Protocols for Wireless Sensor Networks 1 Chiranjeevi Rampilla, 2 Pallikonda Anil Kumar, 1 Student, DEPT.OF CSE, PVPSIT, KANURU, VIJAYAWADA. 2 Asst.Professor, DEPT.OF
More informationCache Less for More in Information- Centric Networks W. K. Chai, D. He, I. Psaras and G. Pavlou (presenter)
Cache Less for More in Information- Centric Networks W. K. Chai, D. He, I. Psaras and G. Pavlou (presenter) Department of Electronic & Electrical Engineering University College London London WC1E 6EA United
More informationDynamic Deferred Acknowledgment Mechanism for Improving the Performance of TCP in Multi-Hop Wireless Networks
Dynamic Deferred Acknowledgment Mechanism for Improving the Performance of TCP in Multi-Hop Wireless Networks Dodda Sunitha Dr.A.Nagaraju Dr. G.Narsimha Assistant Professor of IT Dept. Central University
More informationAssignment 5. Georgia Koloniari
Assignment 5 Georgia Koloniari 2. "Peer-to-Peer Computing" 1. What is the definition of a p2p system given by the authors in sec 1? Compare it with at least one of the definitions surveyed in the last
More informationA Novel Broadcasting Algorithm for Minimizing Energy Consumption in MANET
A Novel Broadcasting Algorithm for Minimizing Energy Consumption in MANET Bhagyashri Thakre 1, Archana Raut 2 1 M.E. Student, Mobile Technology, G H Raisoni College of Engineering, Nagpur, India 2 Assistant
More informationAction Item. Reina Bejerano, Director Learning Support Services. Dr. Tom McCoy, Assistant Superintendent Educational Services
Action Item TO: PREPARED BY: PRESENTED BY: BOARD AGENDA ITEM: Board of Trustees and Superintendent of Schools Reina Bejerano, Director Learning Support Services Dr. Tom McCoy, Assistant Superintendent
More informationIntelligent Programmatic Peering Summary Report
Intelligent Programmatic Peering Summary Report Alliance for Telecommunications Industry Solutions December 2016 i Abstract The TOPS Council s Intelligent Programmatic Peering Landscape Team (IPLT) completed
More informationSecure web proxy resistant to probing attacks
Technical Disclosure Commons Defensive Publications Series December 04, 2017 Secure web proxy resistant to probing attacks Benjamin Schwartz Follow this and additional works at: http://www.tdcommons.org/dpubs_series
More informationA Traceback Attack on Freenet
A Traceback Attack on Freenet Guanyu Tian, Zhenhai Duan Florida State University {tian, duan}@cs.fsu.edu Todd Baumeister, Yingfei Dong University of Hawaii {baumeist, yingfei}@hawaii.edu Abstract Freenet
More informationPerformance Evaluation of Mesh - Based Multicast Routing Protocols in MANET s
Performance Evaluation of Mesh - Based Multicast Routing Protocols in MANET s M. Nagaratna Assistant Professor Dept. of CSE JNTUH, Hyderabad, India V. Kamakshi Prasad Prof & Additional Cont. of. Examinations
More informationOssification of the Internet
Ossification of the Internet The Internet evolved as an experimental packet-switched network Today, many aspects appear to be set in stone - Witness difficulty in getting IP multicast deployed - Major
More information2013 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media,
2013 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising
More informationVideo Conferencing with Content Centric Networking
Video Conferencing with Content Centric Networking Kai Zhao 1,2, Xueqing Yang 1, Xinming Ma 2 1. Information Engineering College, North China University of Water Rescources and Electric Power,Zhengzhou,china
More informationOn the Feasibility of Prefetching and Caching for Online TV Services: A Measurement Study on
See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/220850337 On the Feasibility of Prefetching and Caching for Online TV Services: A Measurement
More informationReal-time and Reliable Video Transport Protocol (RRVTP) for Visual Wireless Sensor Networks (VSNs)
Real-time and Reliable Video Transport Protocol (RRVTP) for Visual Wireless Sensor Networks (VSNs) Dr. Mohammed Ahmed Abdala, Mustafa Hussein Jabbar College of Information Engineering, Al-Nahrain University,
More informationIN recent years, the amount of traffic has rapidly increased
, March 15-17, 2017, Hong Kong Content Download Method with Distributed Cache Management Masamitsu Iio, Kouji Hirata, and Miki Yamamoto Abstract This paper proposes a content download method with distributed
More informationPerformance Analysis of Broadcast Based Mobile Adhoc Routing Protocols AODV and DSDV
INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND MOBILE APPLICATIONS IJCSMA Performance Analysis of Broadcast Based Mobile Adhoc Routing Protocols AODV and DSDV Er. Sandeep Singh Khehra 1, Er. Abhinash Singla
More informationOptimizing Performance of Routing against Black Hole Attack in MANET using AODV Protocol Prerana A. Chaudhari 1 Vanaraj B.
IJSRD - International Journal for Scientific Research & Development Vol. 3, Issue 04, 2015 ISSN (online): 2321-0613 Optimizing Performance of Routing against Black Hole Attack in MANET using AODV Protocol
More informationNew Signaling approach Improving the VoIP Quality of Service in Ad hoc Network
New Signaling approach Improving the VoIP Quality of Service in Ad hoc Network Salma Rattal EEA&TI Laboratory Faculty of sciences and techniques Hassan 2nd University Mohammedia-Casablanca Morocco Abdelmajid
More informationDistributed Two-way Trees for File Replication on Demand
Distributed Two-way Trees for File Replication on Demand Ramprasad Tamilselvan Department of Computer Science Golisano College of Computing and Information Sciences Rochester, NY 14586 rt7516@rit.edu Abstract
More informationGSM Based Comparative Investigation of Hybrid Routing Protocols in MANETS
IOSR Journal of Electronics and Communication Engineering (IOSR-JECE) e-issn: 2278-2834,p- ISSN: 2278-8735.Volume 9, Issue 3, Ver. II (May - Jun. 214), PP 82-86 GSM Based Comparative Investigation of Hybrid
More informationIntelligent and Secure Network
Intelligent and Secure Network BIG-IP IP Global Delivery Intelligence v11.2 IP Intelligence Service Brian Boyan - b.boyan@f5.com Tony Ganzer t.ganzer@f5.com 2 Agenda Welcome & Intro Introduce F5 IP Intelligence
More informationDesign and Implementation of an Anycast Efficient QoS Routing on OSPFv3
Design and Implementation of an Anycast Efficient QoS Routing on OSPFv3 Han Zhi-nan Yan Wei Zhang Li Wang Yue Computer Network Laboratory Department of Computer Science & Technology, Peking University
More informationAODV-PA: AODV with Path Accumulation
-PA: with Path Accumulation Sumit Gwalani Elizabeth M. Belding-Royer Department of Computer Science University of California, Santa Barbara fsumitg, ebeldingg@cs.ucsb.edu Charles E. Perkins Communications
More informationEVERYTHING YOU NEED TO KNOW ABOUT NETWORK FAILOVER
WHITE PAPER EVERYTHING YOU NEED TO KNOW ABOUT NETWORK FAILOVER Overview Enterprises lose $700 billion from downtime; losses fall into three categories: lost revenue (17%), lost productivity (73%), and
More informationVMware AirWatch Content Gateway for Windows. VMware Workspace ONE UEM 1811 Unified Access Gateway
VMware AirWatch Content Gateway for Windows VMware Workspace ONE UEM 1811 Unified Access Gateway You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More information